When the NRC originally licenses and subsequently relicenses a nuclear power reactor, Appendix A to the operating license contains what are called the Technical Specifications, or tech specs for short. The tech specs are required by federal regulation.
The tech specs define safety limits for key parameters that are established to protect the integrity of physical barriers against the uncontrolled release of radioactivity. When a safety limit is exceeded, the reactor must be shut down and cannot be restarted without formal NRC authorization.
The tech specs also contain Limiting Conditions for Operation (LCOs) that establish the minimum performance levels for various reactor operating configurations. For example, the LCOs might allow indefinite reactor operation when two or more emergency diesel generators are available, restrict reactor operation to only 7 days if only one emergency diesel generator is available, and require the reactor to be shut down within 12 hours if none of the emergency diesel generators is available.
The tech specs have surveillance requirements for testing and inspections necessary to verify that all safety limits and LCOs are being met. For example, the surveillance requirements establish both the frequency and acceptance criteria for emergency diesel generator testing.
Each reactor has its own tech specs. In addition, each reactor vendor (e.g., Westinghouse, General Electric, Combustion Engineering, and Babcock & Wilcox) have developed standard technical specifications. This post will feature the Westinghouse standard technical specifications but is applicable to other standard technical specifications and to individual reactor tech specs.
Details of the Tech Specs
Section 1.1 of the tech specs defines specific terms. Whenever a word appears in all capital letters throughout the tech specs, that word is explicitly defined in Section 1.1. A key term is MODE. Table 1.1-1 defines six operating configurations. There are two MODES where the reactor is critical (MODE 1 with the reactor power level above 5 percent and MODE 2 with the reactor power level less than or equal to 5 percent). There are three MODES where the reactor is not critical (MODE 3 with the reactor water temperature greater than or equal to 350°F, MODE 5 with the reactor water temperature less than or equal to 200°F, and MODE 4 with the reactor water temperature between 200°F and 350°F. And there’s MODE 6 where the reactor is shut down with one or more of the bolts holding the head on top of the reactor vessel loosened. The MODES are important because LCOs are only applicable in specified MODES. In other words, an LCO does not have to be met except during applicable MODES of operation.
Section 2 defines the safety limits.
Section 3 contains both the LCOs and their associated surveillance requirements. Subsections cover emergency core cooling systems, containment systems, electrical power systems, refueling, and other areas.
Consider the LCOs and surveillance requirements for the Accumulators, (LCO 3.5.1). The Accumulators are part of the emergency core cooling systems. They are metal tanks partially filled with water and partially filled with nitrogen gas under pressure. Under certain accident conditions, the nitrogen gas will automatically “push” the accumulators’ water into pipes that carry it into the reactor vessel to cool the reactor core. The accumulators one-time makeup supply buy time for other emergency core cooling systems to start up and provide additional makeup cooling flow to the reactor core.
LCO 3.5.1 requires four ECCS accumulators when the reactor is in MODES 1 and 2 and also in MODE 3 with the reactor pressure above 1,000 pounds per square inch. For MODE 3 with the reactor pressure less than 1,000 pounds per square inch and in MODES 4, 5, and 6, no accumulators are required.
If the water within an accumulator lacks the specified boron concentration, LCO 3.5.1 Action A requires that the proper concentration be restored within 72 hours. If an accumulator is unavailable for any reason other than boron concentration, LCO 3.5.1 Action B requires the problem(s) to be remedied within 24 hours.
If the remedial actions are not completed within these specified limits, LCO 3.5.1 Action C requires that the reactor be shut down within 6 hours and depressurized below 1,000 pounds per square inch within 12 hours.
If two or more accumulators are unavailable, LCO 3.5.1 Action D requires the reactor to be shut down within 7 hours. (Note that while Action D specifies 7 hours to shut down compared to the 6 hours specified in Action C, Action C’s clock does not start until after the 72 hour clock in Action A or the 24 hour clock in Action B runs out. The clock for Action D starts as soon as the second accumulator is determined to be unavailable.)
The associated surveillance requirements (SRs) determine whether accumulators are available. SR 22.214.171.124 requires that the isolation valves for each accumulator be verified to be open at least once every 12 hours. A closed isolation valve prevents the water inside an accumulator from reaching the reactor core in event of an accident.
SR 126.96.36.199 requires that each accumulator be verified to contain 7,853 to 8,171 gallons of borated water at least once every 12 hours. This ensures sufficient water is available to flow through an open isolation valve into the reactor vessel in event of an accident.
SR 188.8.131.52 requires that each accumulator be pressurized with nitrogen gas between 385 and 481 pounds per square inch. This ensures sufficient force is available to propel an adequate volume of water through an open isolation valve into the reactor vessel in event of an accident.
SR 184.108.40.206 requires that the boron concentration of the water in each accumulator be verified to be 1,900 to 2,100 parts per million at least once every 31 days and within 6 hours of adding water to an accumulator. This ensures that the water reaching the reactor vessel in event of an accident is sufficient to prevent a nuclear chain reaction in addition to provide cooling of the reactor core.
The tech specs provide insights as to the relative risk, or safety importance, of plant equipment. For example, the accumulator tech spec described above suggests that boron concentration is the least important parameter. After all, the boron concentration can be out of specification for up to 72 hours without invoking a reactor shut down. But an inadequate amount of water or a closed isolation valve must be remedied within only 24 hours.
Likewise, a comparison of LCO 3.5.1 to other LCOs provides relative risk insights. The atmospheric dump valves are addressed by LCO 3.7.4. These valves are located on the pipes carrying steam from the steam generators to the main turbine and automatically open when pressure rises too high to protect the pipes from bursting. Three atmospheric dumps valves are required during reactor operation. But all three can be unavailable for up to 24 hours before a reactor shutdown is required. Clearly, the atmospheric dump valves are not as risk significant as the accumulators.
Deeper and fuller (and easier) insights can be realized from the companion to the tech specs, their Bases. The Bases provide the hows and whys for the whats established by the tech specs.
The Bases for the accumulators contains information such as:
The accumulator size, water volume, and nitrogen cover pressure are selected so that three of the four accumulators are sufficient to partially cover the core before significant clad melting or zirconium water reaction can occur following a LOCA [loss of coolant accident].
But if three accumulators are sufficient to cool the reactor, why does LCO 3.5.1 require four accumulators? The Bases explain the reason:
The need to ensure that three accumulators are adequate for this function is consistent with the LOCA assumption that the entire contents of one accumulator will be lost via the RCS [reactor coolant system – the reactor vessel and attached piping] pipe break during the blowdown phase of the LOCA.
The Bases explain how the minimum and maximum ranges for accumulator water inventory, nitrogen pressures, and boron concentrations were established. And the Bases explain why the accumulators are required in some MODES and not others.
The Bases provide insights into the potential implications of broken safety equipment. The Bases for the accumulators explains:
If less than three accumulators are injected during the blowdown phase of a LOCA, the ECCS acceptance criteria of 10 CFR 50.46 could be violated.
a. Maximum fuel element cladding temperature is ≤ 2200°F,
b. Maximum cladding oxidation is ≤ 0.17 times the total cladding thickness before oxidation,
c. Maximum hydrogen generation from a zirconium water reaction is ≤ 0.01 times the hypothetical amount that would be generated if all of the metal in the cladding cylinders surrounding the fuel, excluding the cladding surrounding the plenum volume, were to react, and
d. Core is maintained in a coolable geometry.
The tech specs define the minimum complement of safety equipment needed for various operating conditions and the performance requirements for this equipment. The tech specs also establish what actions need to be taken within what time frames when safety equipment is unavailable or under-performing.
The Bases explain the role played by safety equipment during design basis accidents and the reasons behind the performance requirements for this equipment.
What Does It All Mean?
When reading an event notification or licensee event report about an equipment problem, the tech specs and Bases might serve as useful references to putting that problem in fuller safety context.
The UCS Nuclear Energy Activist Toolkit (NEAT) is a series of post intended to help citizens understand nuclear technology and the Nuclear Regulatory Commission’s processes for overseeing nuclear plant safety.